package auth
import (
"bytes"
"encoding/json"
"fmt"
"os/exec"
"path/filepath"
"strings"
"github.com/git-lfs/git-lfs/config"
"github.com/rubyist/tracerx"
)
// SshAuthResponse holds the result of running git-lfs-authenticate over SSH.
//
// Href, Header and ExpiresAt are decoded from the JSON document the remote
// command prints on stdout. Message is excluded from JSON (tag "-") and is
// filled in locally from the command's stderr when the command fails.
type SshAuthResponse struct {
	// Message is never read from or written to JSON.
	Message string `json:"-"`

	// Fields decoded from the remote command's JSON output.
	Href      string            `json:"href"`
	Header    map[string]string `json:"header"`
	ExpiresAt string            `json:"expires_at"`
}
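// SshAuthenticate runs "git-lfs-authenticate" on the endpoint's SSH host and
// decodes the JSON document the command prints on stdout.
//
// This is only used as a fallback where the Git URL is SSH but the server
// doesn't support a full SSH binary protocol; an HTTPS endpoint is derived
// for binaries instead, while authentication is still checked via SSH.
//
// It returns the decoded response, the endpoint resolved for operation, and
// an error. When the endpoint has no SSH user/host, the zero response and a
// nil error are returned without running anything. When the ssh command
// fails, the response's Message carries the trimmed stderr output and the
// command error is returned. A user/host value that begins with '-' is
// rejected with an error before any process is started.
func SshAuthenticate(cfg *config.Configuration, operation, oid string) (SshAuthResponse, config.Endpoint, error) {
	endpoint := cfg.Endpoint(operation)
	res := SshAuthResponse{}
	if len(endpoint.SshUserAndHost) == 0 {
		return res, endpoint, nil
	}

	// The user/host is handed to the ssh client as a bare argv element. A
	// value starting with '-' would be parsed by the client as a command-line
	// option rather than a destination, so refuse it instead of executing.
	// NOTE(review): endpoint values presumably derive from Git/LFS
	// configuration, which a repository or remote URL may influence; confirm.
	if strings.HasPrefix(endpoint.SshUserAndHost, "-") {
		return res, endpoint, fmt.Errorf("ssh: invalid user/host %q: must not begin with '-'", endpoint.SshUserAndHost)
	}

	tracerx.Printf("ssh: %s git-lfs-authenticate %s %s %s",
		endpoint.SshUserAndHost, endpoint.SshPath, operation, oid)

	exe, args := sshGetExeAndArgs(cfg, endpoint)
	// The remote command is sent as one space-joined string.
	// NOTE(review): SshPath, operation and oid are not quoted here; how the
	// remote side splits or interprets the string is not visible in this
	// file, so confirm these values are constrained upstream.
	args = append(args,
		fmt.Sprintf("git-lfs-authenticate %s %s %s", endpoint.SshPath, operation, oid))

	cmd := exec.Command(exe, args...)

	// Keep stdout (JSON payload) and stderr (diagnostics) in separate buffers.
	var outbuf, errbuf bytes.Buffer
	cmd.Stdout = &outbuf
	cmd.Stderr = &errbuf

	// Run starts the command and waits for it to exit.
	err := cmd.Run()
	if err != nil {
		// Surface whatever the ssh client or remote command wrote to stderr.
		res.Message = strings.TrimSpace(errbuf.String())
		return res, endpoint, err
	}

	err = json.Unmarshal(outbuf.Bytes(), &res)
	return res, endpoint, err
}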
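// sshGetExeAndArgs returns the executable name for ssh on this machine and
// the base args. Base args include any extra arguments taken from
// GIT_SSH_COMMAND, port settings and the user/host: everything that comes
// before the command to execute.
//
// The executable is the first field of GIT_SSH_COMMAND when that variable has
// any fields, otherwise GIT_SSH, otherwise "ssh". If the executable's base
// name (extension stripped, case-insensitive) is "plink" or "tortoiseplink",
// the port flag is "-P" instead of "-p"; for "tortoiseplink" "-batch" is
// added as well.
//
// Leading '-' characters are stripped from the user/host before it is
// appended, so the value cannot be parsed by the ssh client as an option.
// If nothing remains (or the user/host was empty to begin with), "" and nil
// are returned.
func sshGetExeAndArgs(cfg *config.Configuration, endpoint config.Endpoint) (exe string, baseargs []string) {
	// The user/host ends up as a bare argv element. Dropping leading dashes
	// keeps a crafted value from being read as a client option; the client
	// then treats the remainder as a destination and fails on its own if the
	// name does not resolve.
	userAndHost := strings.TrimLeft(endpoint.SshUserAndHost, "-")
	if len(userAndHost) == 0 {
		return "", nil
	}

	// The second result of Get is ignored, as in the rest of this function;
	// an empty string is treated as "not set".
	ssh, _ := cfg.Os.Get("GIT_SSH")
	sshCmd, _ := cfg.Os.Get("GIT_SSH_COMMAND")

	// GIT_SSH_COMMAND is split on whitespace only (no shell-style quoting):
	// the first field replaces the executable, the rest become leading args.
	cmdArgs := strings.Fields(sshCmd)
	if len(cmdArgs) > 0 {
		ssh, cmdArgs = cmdArgs[0], cmdArgs[1:]
	}

	isPlink, isTortoise := false, false
	if ssh == "" {
		ssh = "ssh"
	} else {
		// Compare on the base name without its extension, e.g. "plink.exe".
		basessh := filepath.Base(ssh)
		basessh = strings.TrimSuffix(basessh, filepath.Ext(basessh))
		isPlink = strings.EqualFold(basessh, "plink")
		isTortoise = strings.EqualFold(basessh, "tortoiseplink")
	}

	args := make([]string, 0, 4+len(cmdArgs))
	args = append(args, cmdArgs...)

	if isTortoise {
		// TortoisePlink requires the -batch argument to behave like ssh/plink
		args = append(args, "-batch")
	}

	if len(endpoint.SshPort) > 0 {
		portFlag := "-p"
		if isPlink || isTortoise {
			portFlag = "-P"
		}
		args = append(args, portFlag, endpoint.SshPort)
	}

	args = append(args, userAndHost)
	return ssh, args
}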